WO2008101446A1 - Method and system for wimax foreign agent relocation with authorization token - Google Patents

Method and system for wimax foreign agent relocation with authorization token

Info

Publication number
WO2008101446A1
Authority
WO
WIPO (PCT)
Prior art keywords
relocation
timestamp
pmip
authorization token
target
Prior art date
Application number
PCT/CN2008/070332
Other languages
French (fr)
Inventor
Yingzhe Wu
Madjid Nakhjiri
Original Assignee
Huawei Technologies Co., Ltd.
Priority date
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd.
Priority to CN2008800003233A (see CN101542978B)
Publication of WO2008101446A1

Classifications

    • H Electricity; H04 Electric communication technique; H04L Transmission of digital information, e.g. telegraphic communication; H04W Wireless communication networks
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/08 Network security for authentication of entities
    • H04L 63/0823 Authentication of entities using certificates
    • H04L 63/12 Applying verification of the received information
    • H04L 63/14 Network security for detecting or protecting against malicious traffic
    • H04L 63/1441 Countermeasures against malicious traffic
    • H04W 8/00 Network data management
    • H04W 8/02 Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
    • H04W 8/06 Registration at serving network Location Register, VLR or user mobility server
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W 12/06 Authentication
    • H04W 12/10 Integrity
    • H04W 12/60 Context-dependent security
    • H04W 12/61 Time-dependent
    • H04W 80/00 Wireless network protocols or protocol adaptations to wireless operation
    • H04W 80/04 Network layer protocols, e.g. mobile IP [Internet Protocol]

Abstract

A method and system for WiMAX foreign agent relocation with an authorization token. A timestamp and a relocation authorization token are provided in a source Foreign Agent (FA); the timestamp and relocation authorization token are communicated between the source FA and a target FA if a Proxy Mobile IP (PMIP) client is to be handed over to the target FA; the PMIP client verifies the FA relocation using the timestamp and relocation authorization token; and if the verification is successful, the PMIP client registers to the target FA.

Description

METHOD AND SYSTEM FOR WiMAX FOREIGN AGENT RELOCATION
WITH AUTHORIZATION TOKEN
This application claims the priority from US provisional application No. 60/921,477, filed on February 20, 2007 and titled "System for WiMAX Foreign Agent Relocation with Authorization Token", the content of which is incorporated herein by reference in its entirety.
FIELD OF INVENTION
[0001] The present invention relates generally to wireless communications, and more particularly, to a versatile system for optimized foreign agent relocation in a system operating in accordance with WiMAX (i.e., IEEE 802.16xx) standards.
BACKGROUND OF THE INVENTION
[0002] With rapid development and growing ubiquity of wireless communication services, user expectations for the quality of wireless communication devices and networks increase. Correspondingly, an array of increasingly more sophisticated wireless communication systems and standards are developed and implemented.
[0003] The IEEE 802.16 standard and its constituent branches comprise one such standard. "WiMAX" is a term that is commonly used to refer to standard, interoperable implementations of IEEE 802.16 wireless systems and sub-systems. The bandwidth and physical range of WiMAX make it a suitable technology for a number of wireless applications, such as: connectivity for Wi-Fi hotspots; providing wireless "last mile" (or "last km") broadband access; and providing high-speed mobile data and telecommunications services.
[0004] Some telecommunication service providers are evaluating WiMAX as a means of increasing bandwidth for a variety of data-intensive applications. In line with these possible applications is the technology's ability to serve as a high bandwidth "backhaul" for Internet or cellular phone traffic from remote areas back to an Internet backbone. Although the cost-effectiveness of WiMAX in a remote application may be higher, it is not limited to such applications, and may be an answer to reducing the cost of Tl/El backhaul as well.
[0005] Given, for example, limited wired infrastructure in some developing countries, costs associated with installing a WiMAX station in conjunction with an existing cellular tower, or even as a solitary hub, may be small in comparison to developing a wired solution. Areas of low population density and flat terrain may be particularly suited to WiMAX and its range. For areas that have skipped wired infrastructure as a result of prohibitive costs and unsympathetic geography, WiMAX may enhance wireless infrastructure in an inexpensive, decentralized, deployment-friendly and effective manner.
[0006] In WiMAX systems, a media access controller (MAC) uses a scheduling algorithm for which a subscriber station needs to compete only once - upon initial entry into a network. Thereafter, it is allocated an access slot (e.g., time slot) by an associated base station. The time slot can enlarge and contract, but remains assigned to the subscriber station. The scheduling algorithm is stable under overload and over-subscription, and may also be more bandwidth efficient. The scheduling algorithm also allows a base station to control Quality of Service (QoS) parameters, by balancing time-slot assignments among application needs of subscriber stations.
[0007] Within the WiMAX standards development effort, recent proposals for altering the foreign agent (FA) relocation procedure have involved source FA and target FA negotiation prior to relocation. During negotiation, a source FA sends all Layer 3 context information over to a target FA, as well as its Care-of-Address (CoA). The FA-CoA serves as proof that the source FA has actually negotiated with the target FA and agreed to the relocation. When a target FA sends a relocation request message to a Proxy Mobile IP (PMIP) client, it presents this (current) FA-CoA obtained from the source FA.
[0008] By verifying the FA-CoA against the current CoA in its mobility binding, the PMIP client is able to tell that the target FA is indeed authorized to take over the FA functionality, and is not some malicious node trying to redirect mobile traffic.
[0009] Although this scheme provides some level of security, it is still less than optimal, for several reasons. If any target FA happens to know which source FA a mobile station is currently anchored to, and is able to gain access to the associated FA-CoA, an attack to redirect mobile traffic may still be launched by presenting the current FA-CoA to a PMIP client. Current procedures also do not appear to provide any protection against future unauthorized relocations. For example, should a relocation procedure to a target FA fail, a source FA must be able to continue to function as the anchor point for the mobile station. Current procedures do not prevent a target FA that has obtained an FA-CoA from re-initiating a new relocation procedure directly with a PMIP client, without the source FA's consent, even though relocation to the target FA had previously failed; this may be referred to as a "replay attack."
[0010] Therefore, there is a need for an FA relocation system that provides authorization indicators, or tokens, that protect against authorization forgery, or replay attacks, in a WiMAX system or network. Such a system should provide secure indicators - such as FA authentication key signatures or timestamps - in association with a relocation authorization token.
SUMMARY OF THE INVENTION
[0011] Embodiments of the present invention provide a method and system for WiMAX foreign agent relocation with an authorization token. A timestamp and a relocation authorization token are provided in a source Foreign Agent (FA); the timestamp and relocation authorization token are communicated between the source FA and a target FA if a Proxy Mobile IP (PMIP) client is to be handed over to the target FA; the PMIP client verifies the FA relocation using the timestamp and relocation authorization token; and if the verification is successful, the PMIP client registers to the target FA.
[0012] The following description and drawings set forth in detail a number of illustrative embodiments of the invention. These embodiments are indicative of but a few of the various ways in which the present invention may be utilized.
BRIEF DESCRIPTION OF THE DRAWINGS
[0013] For a more complete understanding of the present disclosure and its advantages, reference is now made to the following description taken in conjunction with the accompanying drawings, in which like reference numerals represent like parts:
[0014] FIG. 1 depicts a representative embodiment of current WiMAX network architecture;
[0015] FIG. 2 depicts an embodiment of call flows initiated by a source Foreign Agent;
[0016] FIG. 3 depicts an embodiment of call flows initiated by a target Foreign Agent; and
[0017] FIG. 4 depicts an embodiment of call flows initiated by a source Foreign Agent (FA) according the present invention.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
[0018] The following discussion is presented to enable a person skilled in the art to make and use the invention. The general principles described herein may be applied to embodiments and applications other than those detailed below without departing from the spirit and scope of the present invention as defined herein. The present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
[0019] The following definitions are used in the description of the embodiments of the present invention.
[0020] Access Service Network (ASN): Access Service Network (ASN) is defined as a set of network functions that provide radio access to a mobile station.
[0021] Base Station (BS): A generalized equipment set providing connectivity, management, and control of the subscriber station (MSS).
[0022] Connectivity Service Network (CSN): Connectivity Service Network (CSN) is defined as a set of network functions that provide IP connectivity services to mobile station which has IP connectivity capability.
[0023] Mobile station (MS): A station in the mobile service intended to be used while in motion or during halts at unspecified points.
[0024] Home Agent (HA): A router on a mobile node's home network which tunnels datagrams for delivery to the mobile node when it is away from home, and maintains current location information for the mobile node.
[0025] Foreign Agent (FA): A router on a visited network which tunnels datagrams for delivery to the mobile node when it is away from home, and maintains tunneling information for the mobile node.
[0026] Reference Point (RP): A conceptual link that connects two groups of functions which reside in different functional entities of an ASN, CSN or MSS. It is not necessarily a physical interface.
[0027] WiMAX network: The network architecture based on the IEEE 802.16d/e wireless standard.
[0028] Reference Point R3: Consists of the set of control plane protocols between the ASN and the CSN to support AAA, policy enforcement and mobility management capabilities. It also encompasses the bearer plane methods (e.g., tunneling) to transfer IP data between the ASN and the CSN.
[0029] Referring now to FIG. 1, a representative embodiment of current WiMAX network architecture is illustrated. Reference point R3 is the interface between the Access Service Network (ASN) and the Connectivity Service Network (CSN) that carries control information and IP packets. In a Mobile IP (MIP) environment, establishing the R3 data path is equivalent to establishing the MIP session.
[0030] In order to realize Mobile Station (MS) global roaming without changing its IP address, the MIP protocol was introduced by the Internet Engineering Task Force (IETF). An MS with MIP capability may roam into different networks without losing its original IP address, which is assigned when it registers to a network. But there are still many MSs which do not and will not have MIP capability. In order to give those MSs the same mobility performance as MSs with MIP capability, WiMAX defines a Proxy MIP (PMIP) protocol, in which a network entity called the PMIP client, which has MIP capability, conducts Mobile IP operation on behalf of an MS.
[0031] Referring now to FIG. 2, a diagram illustrates an embodiment of call flows initiated by a source Foreign Agent (FA). In the first step, FA1 may decide based on its measurement that it wants a Target FA2 to handle the FA functionality for a Proxy Mobile IP (PMIP) client, and may send over the PMIP address, its own Care-of-Address (CoA), Dynamic Host Configuration Protocol (DHCP) context and other L3 Info to the Target FA2 in an Anchor HO Request message. If the Target FA2 agrees to take over based on its own measurement, Target FA2 initiates FA relocation with the PMIP Client by sending FA1-CoA and its own CoA in Step 2. In Steps 3, 4, 5 and 6, the PMIP Client may verify that FA1-CoA is the current FA using its record, and start MIP registration by sending an RRQ (MIP Registration Request) and MIP keys to FA2. In Step 7, Target FA2 informs the Source FA1 of successful relocation in an Anchor HO Response message, and the Source FA1 may then remove the DHCP context, MIP binding and other L3 Info.
[0032] FIG. 3 illustrates an alternative embodiment of call flows initiated by a target Foreign Agent (FA). In Step 1, a target FA2 may decide based on its measurement that it wants to handle the FA functionality of a PMIP client, and send a trigger to a source FA1. In Step 2, Source FA1 may verify that the trigger does come from a downstream ASN-GW. If Source FA1 agrees to relocate the FA functionality based on its own measurement, Source FA1 may send over a PMIP address, its own CoA, DHCP context and other L3 Info to the Target FA2 in an Anchor HO Request message. In Step 3, Target FA2 initiates FA relocation with the PMIP Client by sending FA1-CoA and its own CoA. In Steps 4, 5, 6 and 7, the PMIP Client verifies that FA1-CoA is the current FA using its record, and starts MIP registration by sending an RRQ and MIP keys to FA2. In Step 8, Target FA2 informs the Source FA1 of successful relocation, and Source FA1 may then remove the DHCP context, MIP binding and other L3 Info.
[0033] In the above embodiments, a target FA obtains the FA-CoA of a source FA as proof of an approved handover in the relocation negotiation process. This is not secure: the FA-CoA is a routable address that any node able to learn it can present, so a PMIP client needs more information to make sure that the source FA has actually issued a grant for this FA relocation.
[0034] A Proxy Mobile IP (PMIP) client acts like a mobile IP client except that the PMIP client is network based, not residing on a mobile node. A key the PMIP client shares with a Foreign Agent (FA), i.e., an MN-FA key, may be used to guarantee the authenticity of a message origin, in this case the relocation approval from a source FA. In order to protect against replay of this relocation approval, a timestamp may be included in the hash calculation. The proposed hash may be called the Relocation Authorization Token, to be attached to the source FA and target FA negotiation message. A target FA will present this Relocation Authorization Token to a PMIP client, and the PMIP client may use the MN-FA key it shares with the current FA to validate the Authorization Token, and then proceeds with the target FA relocation. The relocation authorization token may be represented by:
[0035] Relocation Authorization Token = HMAC-SHA1(MN-FA1 key, FA1-CoA | timestamp | MN-NAI), where FA1 is the source FA, MN-FA1 key is the key the PMIP client shares with FA1, and MN-NAI is the mobile node's Network Access Identifier.
[0036] The timestamp used in the hash calculation is taken from the running clock maintained by the source FA. In order to ensure replay protection of this Authorization Token, the timestamp has to be reasonably close to the running clock maintained by the PMIP client. This concept is similar to the timestamp-based replay protection used in RFC 3344. Therefore, during the MIP binding phase between a soon-to-be FA and a PMIP client, the soon-to-be FA needs to send its timestamp to the PMIP client so that the client can record the timing offset. Once the offset is known, the PMIP client is able to verify that a future Relocation Authorization Token obtained from this FA is not a replay, by making sure the timestamp used in the hash calculation (which is also transmitted in the clear) is close enough to its own clock, adjusted by that offset.
[0037] Referring now to FIG. 4, a diagram illustrates an embodiment of call flows initiated by a source Foreign Agent (FA) according to the present invention. A Source FA1 sends an AnchorDPF HO Request message to FA2, and attaches the FA1-timestamp and a Relocation Authorization Token in the AnchorDPF HO Request message. At this time, FA1 and the PMIP client already have their timing synchronized (i.e., the time offset is tracked). Target FA2 attaches the FA1-timestamp and the Relocation Authorization Token it obtained from FA1 in an AnchorDPF Relocate Request message it sends to the PMIP Client. FA2 also attaches its own timestamp to synchronize its timing with the PMIP client. The PMIP client verifies the Relocation Authorization Token and ensures it is not a replay. The PMIP client also logs the FA2-timestamp to keep track of the time offset with FA2.
[0038] The method described above is secure except that the hash calculation does not take the target FA identity into account: the token is bound to the source FA, the mobile node and a time window, but not to the FA that presents it. So this method may be susceptible to a Man-In-The-Middle (MITM) attack, where a party between the source and the target FA intercepts the Relocation Authorization Token and its timestamp and immediately uses them for a relocation to a different FA, before the timestamp goes stale. This threat may be deemed acceptable since such an MITM attack is difficult to launch. A remedy to this attack is to include the target Foreign Agent Care-of-Address (FA-CoA) in the hash calculation, which may require an extra message exchange between source and target FAs to convey the target FA-CoA. Additionally, for a profile B system, this may be difficult to support because the endpoint of the FA negotiation may not be the target FA itself. If the target FA-CoA is available, it should be used.
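Added example, not code from the patent or from Huawei: a Python model of the scheme in [0034] to [0038], with the FA-CoA check of [0008] as the first step of verification. It assumes, as my choices rather than the patent's, dict-shaped messages for the AnchorDPF HO Request and Relocate Request, integer-second clocks, a 30 s freshness window, one MN-FA key per FA binding provisioned out of band, and length-prefixed encoding of the HMAC input. The constructed scenarios show a legitimate relocation accepted, the same token presented 120 s later rejected as a replay, and the interception case of [0038]: a third FA that copies FA1's token is accepted when the token does not cover the target FA-CoA and rejected when it does.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional

FRESHNESS_WINDOW = 30  # seconds; assumed value, the patent only says "close enough"


def _encode(*fields: str) -> bytes:
    # Length-prefix each field so "a|bc" and "ab|c" cannot collide (the patent writes
    # FA1-CoA | timestamp | MN-NAI without fixing a byte encoding; this one is mine).
    return b"".join(len(f.encode()).to_bytes(2, "big") + f.encode() for f in fields)


def relocation_token(mn_fa_key: bytes, source_coa: str, timestamp: int, mn_nai: str,
                     target_coa: Optional[str] = None) -> bytes:
    """Relocation Authorization Token = HMAC-SHA1(MN-FA1 key, FA1-CoA | timestamp | MN-NAI).
    With target_coa the hash also covers the target FA-CoA, the remedy of [0038]."""
    fields = [source_coa, str(timestamp), mn_nai]
    if target_coa is not None:
        fields.append(target_coa)
    return hmac.new(mn_fa_key, _encode(*fields), hashlib.sha1).digest()


@dataclass
class ForeignAgent:
    coa: str
    clock: int  # the FA's own running clock, in seconds

    def anchor_ho_request(self, mn_nai: str, mn_fa_key: bytes,
                          target_coa: Optional[str] = None) -> dict:
        """Source FA1 -> target FA2: AnchorDPF HO Request with FA1-timestamp and token."""
        return {"source_coa": self.coa, "source_timestamp": self.clock,
                "token": relocation_token(mn_fa_key, self.coa, self.clock, mn_nai, target_coa)}

    def relocate_request(self, ho_request: dict) -> dict:
        """Target FA2 -> PMIP client: AnchorDPF Relocate Request forwarding FA1's
        timestamp and token, plus FA2's own CoA and timestamp (for offset tracking)."""
        return {**ho_request, "target_coa": self.coa, "target_timestamp": self.clock}


@dataclass
class PMIPClient:
    mn_nai: str
    current_fa_coa: str
    mn_fa_keys: dict          # FA-CoA -> MN-FA key (assumed provisioned per binding)
    clock: int
    bind_target: bool = False  # True: require the token to cover the target FA-CoA
    offsets: dict = field(default_factory=dict)  # FA-CoA -> (FA clock - own clock)

    def record_offset(self, fa_coa: str, fa_timestamp: int) -> None:
        """MIP binding phase: learn the FA's clock offset from the timestamp it sends."""
        self.offsets[fa_coa] = fa_timestamp - self.clock

    def verify_relocation(self, req: dict) -> tuple:
        src = req["source_coa"]
        if src != self.current_fa_coa:      # the pre-token check of [0008]
            return False, "source FA-CoA is not my current FA"
        if src not in self.offsets:
            return False, "no time offset recorded for source FA"
        # Replay check: FA1-timestamp must be close to FA1's clock as this client tracks it.
        if abs(req["source_timestamp"] - (self.clock + self.offsets[src])) > FRESHNESS_WINDOW:
            return False, "stale FA1-timestamp (replay)"
        expected = relocation_token(self.mn_fa_keys[src], src, req["source_timestamp"],
                                    self.mn_nai, req["target_coa"] if self.bind_target else None)
        if not hmac.compare_digest(expected, req["token"]):
            return False, "token does not verify under MN-FA1 key"
        # Accepted: log FA2-timestamp for later offsets and register to FA2 (RRQ not modelled).
        self.record_offset(req["target_coa"], req["target_timestamp"])
        self.current_fa_coa = req["target_coa"]
        return True, "relocation authorized, registered to target FA"


def scenario(bind_target: bool, presenter: str, delay: int = 0) -> tuple:
    """Constructed scenario: FA1 authorizes relocation to FA2; the Relocate Request is
    then presented by FA2 or by FA3, an interceptor on the FA1-FA2 path, after `delay` s."""
    key1, nai = b"mn-fa1-key-example", "user@example.net"
    fa1 = ForeignAgent("10.0.1.1", clock=5000)   # runs 4000 s ahead of the client
    fa2 = ForeignAgent("10.0.2.1", clock=7000)
    fa3 = ForeignAgent("10.0.3.1", clock=9000)
    client = PMIPClient(nai, fa1.coa, {fa1.coa: key1}, clock=1000, bind_target=bind_target)
    client.record_offset(fa1.coa, fa1.clock)    # done once, at MIP binding time
    ho = fa1.anchor_ho_request(nai, key1, fa2.coa if bind_target else None)
    client.clock += delay
    return client.verify_relocation((fa2 if presenter == "fa2" else fa3).relocate_request(ho))


def run_scenarios() -> dict:
    return {
        "legit": scenario(False, "fa2"),
        "replay_120s_later": scenario(False, "fa2", delay=120),
        "mitm_unbound": scenario(False, "fa3"),   # FA3 reuses FA1's token: accepted ([0038])
        "mitm_bound": scenario(True, "fa3"),      # token covers FA2-CoA: rejected
        "legit_bound": scenario(True, "fa2"),
    }


if __name__ == "__main__":
    for name, (ok, why) in run_scenarios().items():
        print(f"{name:18s} {'ACCEPT' if ok else 'REJECT'}: {why}")
```

HMAC-SHA1 is the patent's choice; the same code runs unchanged with hashlib.sha256. Two caveats a reviewer would raise: the freshness window alone does not stop a second presentation of the same token inside the window, which a small cache of recently accepted (FA1-CoA, timestamp) pairs at the PMIP client would close, and the offset recorded at binding time is only as trustworthy as the binding exchange that carried it; neither point is discussed in the patent.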
[0039] The previous description of the disclosed embodiments is provided to enable those skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art and generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. A method for WiMAX foreign agent relocation with authorization token, comprising:
providing a timestamp and a relocation authorization token in a source Foreign Agent (FA);
communicating the timestamp and relocation authorization token with a target FA if a Proxy Mobile IP (PMIP) client is to be handed over to the target FA;
communicating the timestamp and relocation authorization token with the PMIP;
verifying the FA relocation by the PMIP using the timestamp and relocation authorization token; and
registering to the target FA by the PMIP client if the verification is successful.
2. The method according to claim 1, further comprising, before providing the timestamp and the relocation token:
sending to the source FA a trigger to handle the FA functionality of the PMIP client by the target FA.
3. The method according to claim 1 or 2, further comprising:
tracking a time offset between the source FA and the PMIP client.
4. The method according to claim 3, wherein the verifying comprises:
determining whether the timestamp is close enough to a running clock maintained by the PMIP client, and
wherein the verification is successful when the timestamp is close enough to a running clock maintained by the PMIP client.
5. The method according to claim 1 or 2, wherein the relocation authorization token is represented by:
Relocation Authorization Token = HMAC-SHA1 (MN-FA1 key, FA1-CoA | timestamp | MN-NAI),
where FA1 is the source FA, MN-FA1 key represents a key the PMIP client shares with the source FA, and FA1-CoA represents source FA-Care-of-Address (FA-CoA).
6. The method according to claim 5, wherein the timestamp used in the hash calculation is a running clock maintained by the source FA.
7. The method according to claim 5, further comprising:
using target FA-CoA in the hash calculation.
8. The method according to claim 1 or 2, wherein the communicating the timestamp and relocation authorization token with the PMIP comprises:
sending a timestamp of the target FA to the PMIP.
9. A system for WiMAX foreign agent relocation with authorization token, comprising:
means for providing a timestamp and a relocation authorization token in a source Foreign Agent (FA);
means for communicating the timestamp and relocation authorization token with a target FA if a Proxy Mobile IP (PMIP) client is to be handed over to the target FA;
means for communicating the timestamp and relocation authorization token with the PMIP;
means for verifying the FA relocation by the PMIP using the timestamp and relocation authorization token; and
means for registering to the target FA by the PMIP client if the verification is successful.
10. The system according to claim 9, further comprising:
means for sending to the source FA a trigger to handle the FA functionality of the PMIP client by the target FA.
11. The system according to claim 9 or 10, further comprising:
means for tracking a time offset between the source FA and the PMIP client.
12. The system according to claim 11, wherein the means for verifying comprises:
means for determining whether the timestamp is close enough to a running clock maintained by the PMIP client.
13. The system according to claim 9 or 10, wherein the relocation authorization token is represented by:
Relocation Authorization Token = HMAC-SHA1 (MN-FA1 key, FA1-CoA | timestamp | MN-NAI),
where FA1 is the source FA, MN-FA1 key represents a key the PMIP client shares with the source FA, and FA1-CoA represents source FA-Care-of-Address (FA-CoA).
14. The system according to claim 13, wherein the timestamp used in the hash calculation is a running clock maintained by the source FA.
15. The system according to claim 13, further comprising:
means for using target FA-CoA in the hash calculation.
16. The system according to claim 9 or 10, wherein the means for communicating the timestamp and relocation authorization token with the PMIP comprises:
means for sending a timestamp of the target FA to the PMIP.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008800003233A CN101542978B (en) 2007-02-20 2008-02-20 Method and system for WiMAX foreign agent relocation with authorization token

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US92147707P 2007-02-20 2007-02-20
US60/921,477 2007-02-20

Publications (1)

Publication Number Publication Date
WO2008101446A1 true WO2008101446A1 (en) 2008-08-28

Family

ID=39709657

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/070332 WO2008101446A1 (en) 2007-02-20 2008-02-20 Method and system for wimax foreign agent relocation with authorization token

Country Status (2)

Country Link
CN (1) CN101542978B (en)
WO (1) WO2008101446A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006015609A1 (en) * 2004-08-04 2006-02-16 Siemens Aktiengesellschaft Method and devices for providing mobility management
CN1794869A (en) * 2005-07-09 2006-06-28 华为技术有限公司 Method and system of realizing R3 interface shift based on resource optimization

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7079520B2 (en) * 2001-12-28 2006-07-18 Cisco Technology, Inc. Methods and apparatus for implementing NAT traversal in mobile IP

Also Published As

Publication number Publication date
CN101542978B (en) 2011-06-15
CN101542978A (en) 2009-09-23

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase (Ref document number: 200880000323.3; Country of ref document: CN)
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 08706705; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 08706705; Country of ref document: EP; Kind code of ref document: A1)